- Description
- Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access.
- Source
- security@zoom.us
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.1
- Impact score
- 5.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
- Severity
- HIGH
- security@zoom.us
- CWE-939
- Hype score
- Not currently trending
Warning: High severity Privilege Escalation vulnerabilities in #Zoom products (Windows & Mobile clients). CVE-2026-53407, CVE-2026-53408 & CVE-2026-53406. https://t.co/tXcTGr1mIy, https://t.co/WBb9jcf5xH #patch #patch #patch #EoP
@CCBalert
10 Jun 2026
172 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In the era of AI-generated code and automated research, I still believe human creativity has the edge. My latest High severity CVEs in Zoom’s Android and iOS clients (CVE-2026-53407, CVE-2026-53408) came from pure human reasoning—not automation 😎 https://t.co/3PctR60DzU
@Ch0pin
9 Jun 2026
1335 Impressions
1 Retweet
30 Likes
10 Bookmarks
0 Replies
0 Quotes